View previous topic :: View next topic |
Author |
Message |
dkurfurst
Joined: 22 Sep 2005 Posts: 61
|
Posted: Wed Apr 25, 2018 9:29 am Post subject: Need to Test if Windows Firewall is on/off win 2008 / 2012r2 |
|
|
I am looking to test all of my servers to verify that the Windows Firewall is turned off. I see that there are 3 different registry keys to check (HKLM\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\ and then the three firewall profile keys "DomainProfile" , "PublicProfile" and "StandardProfile" with the Regkey = EnableFirewall=0
The problem with the above is that I would need to setup 3 separate tests for each server to check each firewall profile, which I really don't want to do.
I know that I can run a netsh command line to get the state of the firewall"netsh advfirewall show allprofiles state"
but I am uncertain on how to have Host Monitor report on the active state being On or Off.
I need to verify that all systems have the Firewall turned off and if the firewall is on to alert me.
Any assistance on this would be greatly appreciated
Thanks
Don |
|
Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002 Posts: 12805 Location: USA
|
Posted: Wed Apr 25, 2018 12:18 pm Post subject: |
|
|
I think simple Shell Script (e.g. BAT file can be used). We can create script for you, please send your order number or registration name to support@ks-soft.net
Regards
Alex |
|
Back to top |
|
|
dkurfurst
Joined: 22 Sep 2005 Posts: 61
|
Posted: Wed Apr 25, 2018 12:31 pm Post subject: |
|
|
Thanks, I just sent my registration # |
|
Back to top |
|
|
dkurfurst
Joined: 22 Sep 2005 Posts: 61
|
Posted: Wed May 02, 2018 1:44 pm Post subject: |
|
|
I have the test setup to call the shell script but its not working correctly.
I need to test if any occurrence of the windows firewall is on. I need to know if any one of the 3 firewall states are on to return a bad result. I tested the script you provided to me but it always returns a status of OK. Script is below.
@echo off
netsh advfirewall show allprofiles state|find /C "ON"|find "3" >nul && set "fw1=3" || set "fw1=0"
if %fw1%==0 (
echo scriptres:Bad:firewall off
exit
)
)
echo scriptres:Ok: |
|
Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002 Posts: 12805 Location: USA
|
Posted: Wed May 02, 2018 4:13 pm Post subject: |
|
|
netsh command allows to specify server, username and password.
But I am afraid "netsh advfirewall" does not work with remote systems (may be this depends on Windows version)
What Windows do you have installed on local and remote system?
You may try to modify script, add -r hostname -u username -p password parameters to netsh command.
We plan to implement new Windows related tests in 2018..
Regards
Alex |
|
Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002 Posts: 12805 Location: USA
|
Posted: Wed May 02, 2018 4:14 pm Post subject: |
|
|
Quote: | I have the test setup to call the shell script but its not working correctly. |
Works fine on our systems.
What Windows do you use?
Regards
Alex |
|
Back to top |
|
|
dkurfurst
Joined: 22 Sep 2005 Posts: 61
|
Posted: Thu May 03, 2018 6:50 am Post subject: |
|
|
I am testing against Windows server 2012R2
I need to verify that Firewall state for all 3 profiles is Off, if any of the 3 profiles is on I need it to return a bad.
I have been testing this against a test box and no matter what the firewall state is set to the test still returns an OK.
What I am looking for is to get alerted if the firewall is turned on for any profile and to return an OK if all the firewall states are Off |
|
Back to top |
|
|
KS-Soft
Joined: 03 Apr 2002 Posts: 12805 Location: USA
|
Posted: Thu May 03, 2018 11:21 am Post subject: |
|
|
Yes, it works fine on Windows 2012 (local system)
Quote: | I need to verify that Firewall state for all 3 profiles is Off, |
So you want to see Ok status when Firewall profiles disabled?
Then replace ON with OFF
@echo off
netsh advfirewall show allprofiles state|find /C "OFF"|find "3" >nul && set "fw1=3" || set "fw1=0"
if %fw1%==0 (
echo scriptres:Bad:firewall on
exit
)
)
echo scriptres:Ok: |
|
Back to top |
|
|
|